CompTIA PT0-002 Exam Questions (Updated 2022): 100% Real Questions and Answers [Q45-Q68]


Pass the CompTIA PT0-002 exam the fastest way

Question 45
A penetration tester who is conducting a vulnerability assessment discovers that ICMP is disabled on a network segment. Which of the following could be used for a denial-of-service attack on the network segment?

  • A. Fraggle
  • B. Ping flood
  • C. Ping of death
  • D. Smurf

Correct answer: D

Question 46
A penetration tester recently performed a social-engineering attack in which the tester found an employee of the target company at a local coffee shop and over time built a relationship with the employee. On the employee's birthday, the tester gave the employee an external hard drive as a gift. Which of the following social-engineering attacks was the tester utilizing?

  • A. Shoulder surfing
  • B. Baiting
  • C. Tailgating
  • D. Phishing

Correct answer: B

Question 47
You are a penetration tester reviewing a client's website through a web browser.
INSTRUCTIONS
Review all components of the website through the browser to determine if vulnerabilities are present.
Remediate ONLY the highest vulnerability from either the certificate, source, or cookies.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.






Correct answer:

Explanation:

Question 48
In an unprotected network file repository, a penetration tester discovers a text file containing usernames and passwords in cleartext and a spreadsheet containing data for 50 employees, including full names, roles, and serial numbers. The tester realizes some of the passwords in the text file follow the format: <name-serial_number>. Which of the following would be the best action for the tester to take NEXT with this information?

  • A. Recommend using a password manager/vault instead of text files to store passwords securely.
  • B. Recommend configuring password complexity rules in all the systems and applications.
  • C. Create a custom password dictionary as preparation for password spray testing.
  • D. Document the unprotected file repository as a finding in the penetration-testing report.

Correct answer: D

Question 49
A new security firm is onboarding its first client. The client only allowed testing over the weekend and needed the results Monday morning. However, the assessment team was not able to access the environment as expected until Monday. Which of the following should the security company have acquired BEFORE the start of the assessment?

  • A. The expected time frame of the assessment
  • B. The proper emergency contacts for the client
  • C. A signed statement of work
  • D. The correct user accounts and associated passwords

Correct answer: D

Question 50
A company becomes concerned when the security alarms are triggered during a penetration test. Which of the following should the company do NEXT?

  • A. Halt the penetration test.
  • B. Assume the alert is from the penetration test.
  • C. Deconflict with the penetration tester.
  • D. Contact law enforcement.

Correct answer: D

Question 51
A penetration tester needs to perform a test on a finance system that is PCI DSS v3.2.1 compliant. Which of the following is the MINIMUM frequency to complete the scan of the system?

  • A. Quarterly
  • B. Monthly
  • C. Annually
  • D. Weekly

Correct answer: D

Question 52
A penetration tester is working on a scoping document with a new client. The methodology the client uses includes the following:
Pre-engagement interaction (scoping and ROE)
Intelligence gathering (reconnaissance)
Threat modeling
Vulnerability analysis
Exploitation and post exploitation
Reporting
Which of the following methodologies does the client use?

  • A. OSSTMM
  • B. OWASP Web Security Testing Guide
  • C. PTES technical guidelines
  • D. NIST SP 800-115

Correct answer: C

Question 53
A penetration tester wants to identify CVEs that can be leveraged to gain execution on a Linux server that has an SSHD running. Which of the following would BEST support this task?

  • A. Run nmap with the -sV and -p22 options set against the target
  • B. Run nmap with the -sA option set against the target
  • C. Run nmap with the -o, -p22, and -sC options set against the target
  • D. Run nmap with the --script vulners option set against the target

Correct answer: A

Question 54
Which of the following web-application security risks are part of the OWASP Top 10 v2017? (Choose two.)

  • A. Cross-site scripting
  • B. Race-condition attacks
  • C. Buffer overflows
  • D. Ransomware attacks
  • E. Injection flaws
  • F. Zero-day attacks

Correct answer: A,E

Explanation:
A01-Injection
A02-Broken Authentication
A03-Sensitive Data Exposure
A04-XXE
A05-Broken Access Control
A06-Security Misconfiguration
A07-XSS
A08-Insecure Deserialization
A09-Using Components with Known Vulnerabilities
A10-Insufficient Logging & Monitoring

Question 55
A penetration tester discovered a vulnerability that provides the ability to upload to a path via directory traversal. Some of the files that were discovered through this vulnerability are:

Which of the following is the BEST method to help an attacker gain internal access to the affected machine?

  • A. Download the smb.conf file and look at configurations
  • B. Edit the discovered file with one line of code for remote callback
  • C. Edit the smb.conf file and upload it to the server
  • D. Download .pl files and look for usernames and passwords

Correct answer: C

Question 56
A company hired a penetration-testing team to review the cyber-physical systems in a manufacturing plant. The team immediately discovered the supervisory systems and PLCs are both connected to the company intranet. Which of the following assumptions, if made by the penetration-testing team, is MOST likely to be valid?

  • A. Controllers will not validate the origin of commands.
  • B. PLCs will not act upon commands injected over the network.
  • C. Supervisors and controllers are on a separate virtual network by default.
  • D. Supervisory systems will detect a malicious injection of code/commands.

Correct answer: A

Question 57
Which of the following should a penetration tester consider FIRST when engaging in a penetration test in a cloud environment?

  • A. Whether the country where the cloud service is based has any impeding laws
  • B. Whether the cloud service provider allows the penetration tester to test the environment
  • C. The geographical location where the cloud services are running
  • D. Whether the specific cloud services are being used by the application

Correct answer: C

Question 58
The following line-numbered Python code snippet is being used in reconnaissance:

Which of the following line numbers from the script MOST likely contributed to the script triggering a "probable port scan" alert in the organization's IDS?

  • A. Line 02
  • B. Line 08
  • C. Line 07
  • D. Line 01

Correct answer: D

Question 59
The results of an Nmap scan are as follows:
Starting Nmap 7.80 ( https://nmap.org ) at 2021-01-24 01:10 EST
Nmap scan report for ( 10.2.1.22 )
Host is up (0.0102s latency).
Not shown: 998 filtered ports
Port State Service
80/tcp open http
|_http-title: 80F 22% RH 1009.1MB (text/html)
|_http-slowloris-check:
| VULNERABLE:
| Slowloris DoS Attack
| <..>
Device type: bridge|general purpose
Running (JUST GUESSING) : QEMU (95%)
OS CPE: cpe:/a:qemu:qemu
No exact OS matches found for host (test conditions non-ideal).
OS detection performed. Please report any incorrect results at https://nmap.org/submit/.
Nmap done: 1 IP address (1 host up) scanned in 107.45 seconds
Which of the following device types will MOST likely have a similar response? (Choose two.)

  • A. Exposed RDP
  • B. Print queue
  • C. Public-facing web server
  • D. IoT/embedded device
  • E. Network device
  • F. Active Directory domain controller

Correct answer: C,E

Question 60
Performing a penetration test against an environment with SCADA devices brings additional safety risk because the:

  • A. protocols are more difficult to understand.
  • B. devices produce more heat and consume more power.
  • C. devices are obsolete and are no longer available for replacement.
  • D. devices may cause physical world effects.

Correct answer: A

Question 61
A penetration tester gains access to a system and establishes persistence, and then runs the following commands:
cat /dev/null > temp
touch -r .bash_history temp
mv temp .bash_history
Which of the following actions is the tester MOST likely performing?

  • A. Making a copy of the user's Bash history for further enumeration
  • B. Redirecting Bash history to /dev/null
  • C. Covering tracks by clearing the Bash history
  • D. Making decoy files on the system to confuse incident responders

Correct answer: C

Question 62
A penetration tester writes the following script:

Which of the following objectives is the tester attempting to achieve?

  • A. Scan the system on the most used ports.
  • B. Fill the ARP table of the networked devices.
  • C. Determine active hosts on the network.
  • D. Set the TTL of ping packets for stealth.

Correct answer: C

Question 63
Which of the following are the MOST important items to include in the final report for a penetration test? (Choose two.)

  • A. The network location of the vulnerable device
  • B. The client acceptance form
  • C. The CVSS score of the finding
  • D. The vulnerability identifier
  • E. The tool used to find the issue
  • F. The name of the person who found the flaw

Correct answer: D,E

Question 64
A penetration tester has been hired to configure and conduct authenticated scans of all the servers on a software company's network. Which of the following accounts should the tester use to return the MOST results?

  • A. Service
  • B. Root user
  • C. Local administrator
  • D. Network administrator

Correct answer: A

Question 65
A penetration tester who is conducting a web-application test discovers a clickjacking vulnerability associated with a login page to financial data. Which of the following should the tester do with this information to make this a successful exploit?

  • A. Conduct a watering-hole attack.
  • B. Perform XSS.
  • C. Use browser autopwn.
  • D. Use BeEF.

Correct answer: B

Question 66
A penetration tester has been given eight business hours to gain access to a client's financial system. Which of the following techniques will have the highest likelihood of success?

  • A. Attempting to tailgate an employee going into the client's workplace
  • B. Dropping a malicious USB key with the company's logo in the parking lot
  • C. Using a brute-force attack against the external perimeter to gain a foothold
  • D. Performing spear phishing against employees by posing as senior management

Correct answer: C

Question 67
A penetration tester is preparing to perform activities for a client that requires minimal disruption to company operations. Which of the following are considered passive reconnaissance tools? (Choose two.)

  • A. Burp Suite
  • B. Nessus
  • C. Wireshark
  • D. Nikto
  • E. Retina
  • F. Shodan

Correct answer: C,F

Question 68
......
